Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
July 15, NEW Customer Portal: Initial launch will improve how you submit Support Cases. IMPORTANT DETAILS
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
_AnonymousUser
Creator III
Creator III
‎2016-07-18 04:03 PM

Connecting via tRestClient to endpoint with self-signed certificate

Hello!
(Currently using Talend OS Big Data, 6.1.1)
I am struggling to connect to a RESTful API using the tRestClient, which has a self-signed root certificate. Is it possible for me to set my Talend environment up to trust the certificate? (i tried creating a truststore from the certificate and using tSetKeystore, but haven't had any luck).
Alternatively, is there a way I can set my job to disableCNCheck? I've seen some JIRA issues requesting this functionality, but I'm looking for a workaround if at all posible. 
Labels (3)
Labels
142 Views
0 Likes
4 Replies
_AnonymousUser
Creator III
Creator III
‎2016-07-18 04:16 PM
Author

Error Message:
Exception in component tRESTClient_3
javax.ws.rs.ProcessingException: javax.net.ssl.SSLProtocolException: SSLProtocolException invoking https://<url-replaced-for-talendforge-post> actiondefinitions: handshake alert:  unrecognized_name
at org.apache.cxf.jaxrs.client.AbstractClient.checkClientException(AbstractClient.java:582)
at org.apache.cxf.jaxrs.client.AbstractClient.preProcessResult(AbstractClient.java:564)
at org.apache.cxf.jaxrs.client.WebClient.doResponse(WebClient.java:1144)
at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1094)
at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:894)
at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:865)
at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:428)
at org.apache.cxf.jaxrs.client.WebClient.get(WebClient.java:611)
at eai.vrealizeops_0_1.vRealizeOps.tRESTClient_3Process(vRealizeOps.java:509)
at eai.vrealizeops_0_1.vRealizeOps.runJobInTOS(vRealizeOps.java:770)
at eai.vrealizeops_0_1.vRealizeOps.main(vRealizeOps.java:627)
Caused by: javax.net.ssl.SSLProtocolException: SSLProtocolException invoking https://<url-replaced-for-talendforge-post>: handshake alert:  unrecognized_name
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1376)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1360)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:651)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.jaxrs.client.AbstractClient.doRunInterceptorChain(AbstractClient.java:649)
at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:1093)
... 7 more
Caused by: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1676)
at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1674)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.www.protocol.http.HttpURLConnection.getChainedException(HttpURLConnection.java:1672)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1245)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.getResponseCode(URLConnectionHTTPConduit.java:332)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.processRetransmit(HTTPConduit.java:1424)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRetransmits(HTTPConduit.java:1411)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1545)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1347)
... 13 more
Caused by: javax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name
at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1380)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1972)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
at sun.net.www.protocol.http.HttpURLConnection.getHeaderFields(HttpURLConnection.java:2714)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getHeaderFields(HttpsURLConnectionImpl.java:283)
at org.apache.cxf.transport.http.Headers.readFromConnection(Headers.java:257)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.updateCookiesBeforeRetransmit(URLConnectionHTTPConduit.java:297)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleRetransmits(HTTPConduit.java:1409)
... 15 more
disconnected
Job vRealizeOps ended at 13:44 18/07/2016.
142 Views
0 Likes
Anonymous
Not applicable
‎2016-07-20 12:29 PM

Hi Gabby,
I'm trying to do exactly the same... without success 😕
To share a little more, I also tried to put the URL of the WS directly in Chrome, entering login/pwd as asked and it worked. I got the JSON response.
I guess that Chrome automatically does the SSL handshake.
When I get the response I have tryed to export the SSL certificate in Chrome to use it with the Talend tSetKeystore with no luck because it is a different format.
I think that the thing that we need is how to deal with the SSL handshake in Talend.
If someone could help us about this, it could be nice!
142 Views
0 Likes
Anonymous
Not applicable
‎2016-07-21 04:12 AM

Hi Gabby,
I have found the solution by my self (with google help 0683p000009MA9p.png).
I got a better understanding of the subject after reading this article:
add-list-certficates-java-keystore.html on javarevisited.blogspot.fr (2012/03)
(the forum does not want me to post link directly)
So I did the adding on my local Java KeyStore.
Put a tRESTClient on my Talend job.
Enterer parameters (Trustore path's and password).
Linked it to the tRESTClient component.
Launched the job and it worked!!! 
Solved for me  0683p000009MACn.png
So let's thank Javin Paul for his excelent post!
142 Views
0 Likes
Teguard_Dev
Contributor
Contributor
‎2021-05-12 06:52 AM

Can you elaborate on this?

I added the truststore path and password to my tRestClient as parameters and did not get any change in behaviour.

142 Views
0 Likes